Merge branch 'release/v2.462.3-3' into main

cloudogu · Dec 23, 2024 · bdf54ee · bdf54ee
2 parents 1676194 + d55c580
commit bdf54ee
Show file tree

Hide file tree

Showing 13 changed files with 177 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [v2.462.3-3] - 2024-12-23
+### Changed
+- The internal makefiles have been updated to standardize the versioning of the release notes.
+
+### Added
+- Dependency version check for CAS, as version >=7.0.5.1-4 of CAS is required for service accounts with type cas
+
 ## [v2.462.3-2] - 2024-11-15
 ### Fixed
 - Fix reading dogu config for key updateSiteUrl; #180

diff --git a/Dockerfile b/Dockerfile
@@ -2,7 +2,7 @@
 FROM registry.cloudogu.com/official/java:17.0.12-4
 
 LABEL NAME="official/jenkins" \
-      VERSION="2.462.3-2" \
+      VERSION="2.462.3-3" \
       maintainer="[email protected]"
 
     # jenkins home configuration

diff --git a/Makefile b/Makefile
@@ -1,4 +1,4 @@
-MAKEFILES_VERSION=9.3.2
+MAKEFILES_VERSION=9.5.0
 
 .DEFAULT_GOAL:=dogu-release
 

diff --git a/build/make/prerelease.mk b/build/make/prerelease.mk
@@ -0,0 +1,6 @@
+# used to create switch the dogu to a prerelease namespace
+# e.g. official/usermgmt -> prerelease_official/usermgmt
+
+.PHONY: prerelease_namespace
+prerelease_namespace:
+	build/make/stagex.sh prerelease_namespace
diff --git a/build/make/prerelease.sh b/build/make/prerelease.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -o errexit
+set -o nounset
+set -o pipefail
+
+prerelease_namespace() {
+
+  # Update version in dogu.json
+  if [ -f "dogu.json" ]; then
+    echo "Updating name in dogu.json..."
+    ORIG_NAME="$(jq -r ".Name" ./dogu.json)"
+    PRERELEASE_NAME="prerelease_${ORIG_NAME}"
+    jq ".Name = \"${PRERELEASE_NAME}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json
+    jq ".Image = \"registry.cloudogu.com/${PRERELEASE_NAME}\"" dogu.json >dogu2.json && mv dogu2.json dogu.json
+  fi
+
+  # Update version in Dockerfile
+  if [ -f "Dockerfile" ]; then
+    echo "Updating version in Dockerfile..."
+    ORIG_NAME="$(grep -oP "^[ ]*NAME=\"([^\"]*)" Dockerfile | awk -F "\"" '{print $2}')"
+    PRERELEASE_NAME="prerelease_$( echo -e "$ORIG_NAME" | sed 's/\//\\\//g' )"
+    sed -i "s/\(^[ ]*NAME=\"\)\([^\"]*\)\(.*$\)/\1${PRERELEASE_NAME}\3/" Dockerfile
+  fi
+
+}
+
+
+TYPE="${1}"
+
+echo ${TYPE}
+if [[ "${TYPE}" == "prerelease_namespace" ]];then
+  prerelease_namespace
+fi
diff --git a/build/make/release.sh b/build/make/release.sh
@@ -56,6 +56,7 @@ fi
 
 update_versions "${NEW_RELEASE_VERSION}"
 update_changelog "${NEW_RELEASE_VERSION}" "${FIXED_CVE_LIST}"
+update_releasenotes "${NEW_RELEASE_VERSION}"
 show_diff
 
 if [[ -n "${DRY_RUN}" ]]; then

diff --git a/build/make/release_functions.sh b/build/make/release_functions.sh
@@ -207,6 +207,50 @@ update_changelog() {
   git commit -m "Update changelog"
 }
 
+update_releasenotes() {
+  local NEW_RELEASE_VERSION="${1}"
+
+  # ReleaseNotes update
+  local CURRENT_DATE
+  CURRENT_DATE=$(date --rfc-3339=date)
+  local NEW_RELEASENOTE_TITLE="## [v${NEW_RELEASE_VERSION}] - ${CURRENT_DATE}"
+  rm -rf ".rn_changed"
+  find . -name "*release_notes*.md" -print0 | while read -d $'\0' file
+  do
+     # Check if "Unreleased" tag exists
+     while ! grep --silent "## \[Unreleased\]" "${file}"; do
+       echo ""
+       echo -e "\e[31mYour ${file} does not contain a \"## [Unreleased]\" line!\e[0m"
+       echo "Please add one to make it comply to https://keepachangelog.com/en/1.0.0/"
+       wait_for_ok "Please insert a \"## [Unreleased]\" line into ${file} now."
+     done
+
+     # Add new title line to changelog
+     sed -i "s|## \[Unreleased\]|## \[Unreleased\]\n\n${NEW_RELEASENOTE_TITLE}|g" "${file}"
+     echo "Processed ${file}"
+     echo true > ".rn_changed"
+  done
+
+  if test -f ".rn_changed" ; then
+    # Wait for user to validate changelog changes
+    wait_for_ok "Please make sure your release notes looks as desired."
+
+    find . -name "*release_notes*.md" -print0 | while read -d $'\0' file
+    do
+      # Check if new version tag still exists
+      while ! grep --silent "$(echo $NEW_RELEASENOTE_TITLE | sed -e 's/[]\/$*.^[]/\\&/g')" "${file}"; do
+        echo ""
+        echo -e "\e[31mYour ${file} does not contain \"${NEW_RELEASENOTE_TITLE}\"!\e[0m"
+        wait_for_ok "Please update your ${file} now."
+      done
+      git add "${file}"
+    done
+
+    git commit -m "Update ReleaseNotes"
+  fi
+  rm -rf ".rn_changed"
+}
+
 # addFixedCVEListFromReRelease is used in dogu cve releases. The method adds the fixed CVEs under the ### Fixed header
 # in the unreleased section.
 addFixedCVEListFromReRelease() {

diff --git a/build/make/self-update.mk b/build/make/self-update.mk
@@ -19,4 +19,9 @@ remove-old-files:
 
 .PHONY: copy-new-files
 copy-new-files:
-	@cp -r $(TMP_DIR)/makefiles-$(MAKEFILES_VERSION)/build/make $(BUILD_DIR)
+	@cp -r $(TMP_DIR)/makefiles-$(MAKEFILES_VERSION)/build/make $(BUILD_DIR)
+
+.PHONY: update-build-libs
+update-build-libs:
+	@echo "Check for newer Build-Lib versions"
+	build/make/self-update.sh buildlibs
diff --git a/build/make/self-update.sh b/build/make/self-update.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+set -o errexit
+set -o nounset
+set -o pipefail
+
+TYPE="${1}"
+
+update_build_libs() {
+  echo "Get newest version of ces-build-lib and dogu-build-lib"
+  update_jenkinsfile
+  echo "Newest Versions set. Please check your Jenkinsfile"
+}
+
+get_highest_version() {
+  local target="${1}"
+  local gitCesBuildLib
+  # getting tags from ces-build.libs OR dogu-build-libs
+  gitCesBuildLib="$(git ls-remote --tags --refs https://github.com/cloudogu/${target}-build-lib)"
+  local highest
+  # Flagfile for getting results out of while-loop
+  rm -rf .versions
+  while IFS= read -r line; do
+      local version
+      version="$(awk -F'/tags/' '{ for(i=1;i<=NF;i++) print $i }' <<< $line | tail -n 1 | sed 's/[^0-9\.]*//g')"
+      if [[ $version == *"."* ]] ; then
+        echo $version >> ".versions"
+      fi
+  done <<< "$gitCesBuildLib"
+  highest=$(sort .versions | tail -n 1)
+  rm -rf .versions
+  echo "${highest}"
+}
+
+# Patch Jenkinsfile
+update_jenkinsfile() {
+  sed -i "s/ces-build-lib@[[:digit:]].[[:digit:]].[[:digit:]]/ces-build-lib@$(get_highest_version ces)/g" Jenkinsfile
+  sed -i "s/dogu-build-lib@[[:digit:]].[[:digit:]].[[:digit:]]/dogu-build-lib@$(get_highest_version dogu)/g" Jenkinsfile
+}
+
+# switch for script entrypoint
+if [[ "${TYPE}" == "buildlibs" ]];then
+  update_build_libs
+else
+  echo "Unknown target ${TYPE}"
+fi
+
+
+
diff --git a/build/make/vulnerability-scan.mk b/build/make/vulnerability-scan.mk
@@ -0,0 +1,13 @@
+##@ Vulnerability scan
+
+GOVULNCHECK_BIN=${UTILITY_BIN_PATH}/govulncheck
+GOVULNCHECK_VERSION?=latest
+
+${GOVULNCHECK_BIN}: ${UTILITY_BIN_PATH}
+	$(call go-get-tool,$(GOVULNCHECK_BIN),golang.org/x/vuln/cmd/govulncheck@$(GOVULNCHECK_VERSION))
+
+.PHONY: govulncheck
+govulncheck: ${GOVULNCHECK_BIN} ## This target is used to scan the go repository against known vulnerabilities
+	@echo "Start vulnerability against repository"
+	${GOVULNCHECK_BIN} -show verbose ./...
+	@echo "Finished scan"
diff --git a/docs/gui/release_notes_de.md b/docs/gui/release_notes_de.md
@@ -4,6 +4,13 @@ Im Folgenden finden Sie die Release Notes für das Jenkins-Dogu.
 
 Technische Details zu einem Release finden Sie im zugehörigen [Changelog](https://docs.cloudogu.com/de/docs/dogus/jenkins/CHANGELOG/).
 
+## [Unreleased]
+
+## [v2.462.3-3] - 2024-12-23
+### Changed
+* Die internen Makefiles wurden aktualisiert, um die Versionierung der Release-Notes zu vereinheitlichen. 
+* Eine Versionsprüfung für das CAS-Dogu wurde hinzugefügt, da Jenkins ab v2.462.3-1 eine CAS-Version >=7.0.5.1-4 benötigt für die Erstellung von Serviceaccounts
+
 ## 2.462.3-2
 * Es wurde ein Bugfix behoben, bei dem die Einträge aus der Dogu-Konfiguration für updateSiteUrl nicht in Jenkins übernommen wurden.
 * Es wurde ein Bugfix behoben, bei dem mehrere Einträge für JDK 17 in den Jenkins Tools bestanden.

diff --git a/docs/gui/release_notes_en.md b/docs/gui/release_notes_en.md
@@ -4,6 +4,13 @@ Below you will find the release notes for the Jenkins Dogu.
 
 Technical details on a release can be found in the corresponding [Changelog](https://docs.cloudogu.com/en/docs/dogus/jenkins/CHANGELOG/).
 
+## [Unreleased]
+
+## [v2.462.3-3] - 2024-12-23
+### Changed
+* The internal makefiles have been updated to standardize the versioning of the release notes.
+* A version check has been added for the CAS dogu, as Jenkins since version v2.462.3-1 needs the CAS dogu in version >=7.0.5.1-4 to create service accounts
+
 ## 2.462.3-2
 * Fixed a bug where the entries from the Dogu configuration for updateSiteUrl were not applied to Jenkins.
 * Fixed a bug where multiple entries for JDK 17 exists in the Jenkins tools.

diff --git a/dogu.json b/dogu.json
@@ -1,6 +1,6 @@
 {
   "Name": "official/jenkins",
-  "Version": "2.462.3-2",
+  "Version": "2.462.3-3",
   "DisplayName": "Jenkins CI",
   "Description": "Jenkins Continuous Integration Server",
   "Category": "Development Apps",
@@ -16,7 +16,8 @@
   "Dependencies": [
     {
       "type": "dogu",
-      "name": "cas"
+      "name": "cas",
+      "version": ">=7.0.5.1-4"
     },
     {
       "type": "dogu",